Open JTCyberTech opened 11 months ago
What are Command Injection vulnerabilities?
How to find Command Injection vulnerabilities?
How to exploit Command Injection vulnerabilities?
How to prevent Command Injection vulnerabilities?
Port Swigger Web Security Academy Labs
Lab 1: OS Command Injection, Simple Case
Lab 2: Blind OS Command Injection with Time Delays
Lab 3: Blind OS Command Injection with Output Redirection
Lab 4: Blind OS Command Injection with Out-of-Band Interaction
Lab 5: Blind OS Command Injection with Out-of-Band Data Exfiltration
VirtualBox: Tutorial Here
VMware: Tutorial Here
Burp Suite Community Edition (Pre-installed in Kali Linux)
Burp Suit Professional Edition (Not Free - Needed for Lab 4 and 5)
Visual Studio (Free: Require to be install in Kali Linux)
Install Visual Studio in your Kali Linux VM
Register an Account: Here
Log onto the Academy: Here
Mastering Command Injection
Key-Takeaways:
What are Command Injection vulnerabilities?
How to find Command Injection vulnerabilities?
How to exploit Command Injection vulnerabilities?
How to prevent Command Injection vulnerabilities?
Labs:
Port Swigger Web Security Academy Labs
Lab 1: OS Command Injection, Simple Case
Lab 2: Blind OS Command Injection with Time Delays
Lab 3: Blind OS Command Injection with Output Redirection
Lab 4: Blind OS Command Injection with Out-of-Band Interaction
Lab 5: Blind OS Command Injection with Out-of-Band Data Exfiltration
Prerequisites:
VirtualBox or VMware Setup:
VirtualBox: Tutorial Here
VMware: Tutorial Here
Kali Linux VM Installation:
VirtualBox: Tutorial Here
VMware: Tutorial Here
Tools Needed for The Labs:
Burp Suite Community Edition (Pre-installed in Kali Linux)
Burp Suit Professional Edition (Not Free - Needed for Lab 4 and 5)
Visual Studio (Free: Require to be install in Kali Linux)
Visual Studio Installation:
Install Visual Studio in your Kali Linux VM
Portswigger Web Security Academy Access:
Register an Account: Here
Log onto the Academy: Here